Google’s poor design decision undermines 2FA protection
A design decision by Google can be exploited by attackers to gain control of both devices needed to access users’ accounts protected via SMS-based 2-factor …
New alerts for Gmail users targeted by state-sponsored attackers
Since 2012, Google has been warning Gmail users when they have been targeted by state-sponsored attackers, but now the alert will be even more visible (and therefore less …
Google offers binary comparison tool BinDiff for free
In case you missed it, Google announced on Friday that BinDiff, a comparison tool for binary files, can now be downloaded for free. The tool is used to spot differences and …
Google starts tracking, encourages worldwide HTTPS usage
Google has added a new section to its Transparency Report, which will allow users to keep an eye on Google’s use of HTTPS, and HTTPS use of the top 100 non-Google sites …
Hack Chromebook in guest mode, get $100,000
Google has once again upped the ante for bug hunters concentrating on Chrome, and is now offering $100,000 to anyone capable of achieving a compromise of a Chromebook or …
Google Hands Free entering the mobile payments game
Google has announced that it is testing its new payment app, Hands Free, which (as the name suggests) allows users to make payments without the need to use their hands, mobile …
Google plugs 19 holes in newest Android security update
In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …
Google open sources vendor security review tool
Google has open sourced its Vendor Security Assessment Questionnaire (VSAQ) Framework with the hope that other companies and developers could use it to improve their vendor …
Google bolsters Gmail data loss prevention
A few months ago, Google provided a data loss prevention (DLP) solution for Gmail to Google Apps Unlimited Customers. The solution allows administrators to set up scanning of …
Google offers free DDoS protection to independent news sites
Google (i.e., Alphabet) has created a free DDoS protection service to help independent news sites, sites focused on human rights and on election monitoring withstand DDoS …
Mobile banking Trojan bypasses Google Play security
The Acecard malware is capable of attacking users of nearly 50 different online financial applications and services and is able to bypass Google Play store security measures, …
Intercept, inspect and modify traffic flow with mitmproxy
mitmproxy is an interactive console program that allows traffic flows to be intercepted, inspected, modified and replayed. All flows are kept in memory, which means that it’s …